Hi,
i'm currently struggling with the following task:
I want to change the check password function from the original (<ha> stands for the defined hash algorithm)
$password_stored = <ha>($salt.$password_clean);
to
$password_stored = <ha>($salt.<ha>($password_clean));
The easiest way to do this is to define a custom check password function performing the modified comparison. The problem is that currently custom functions only receive the username and the password as arguments,
call_user_func_array($callable, array($this->getUsername(), $password));
so I need to load the user from the database again in order go get the salt value. It would be much better if you modify the custom function call to:
call_user_func_array($callable, array($this, $password)); // sfGuardUser.php#line 59
The username would still be accessible vie the getter, and so will be the salt and all the other relevant user fields.
